Skills
skills/ajbcoding/claude-skill-eval/moai-alfred-issue-labels/Gen Agent Trust Hub

moai-alfred-issue-labels

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The file reference.md provides a series of Bash commands designed to be executed via the GitHub CLI (gh). These commands include gh auth login for authentication and multiple gh label create calls to establish the repository's label infrastructure. While functional, this requires the agent to have the Bash tool enabled.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data from external sources, specifically GitHub issue titles and descriptions, for the purpose of classification. This creates a surface for indirect prompt injection.
  • Ingestion points: The agent reads issue content to apply labeling heuristics (e.g., searching for keywords like 'bug' or 'security').
  • Boundary markers: The provided instructions do not specify the use of delimiters or 'ignore' instructions to prevent the agent from following commands embedded within the issues it processes.
  • Capability inventory: The skill has access to the Bash tool and potentially WebFetch to interact with GitHub APIs and the repository environment.
  • Sanitization: No explicit sanitization or validation of the ingested issue text is documented in the skill's logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:06 AM